Profiling and Identifying Individual Users by Their Command Line Usage and Writing Style

Darusalam Darusalam, Helen Ashman

Abstract


Profiling and identifying individual users is an approach for intrusion detection in a computer system. User profiles are important in many applications since they record highly user-specific information - profiles are basically built to record information about users or for users to share experiences with each other. This research extends previous research on re-authenticating users with their user profiles. This research focuses on the potential to add psychometric user characteristics into the user model so as to be able to detect unauthorized users who may be masquerading as a genuine user. There are five participants involved in the investigation for formal language user identification. Additionally, we analyze the natural language of two famous writers, Jane Austen & William Shakespeare, in their written works to determine if the same principles can be applied to natural language use. This research used the n-gram analysis method for characterizing user’s style, and can potentially provide accurate user identification. As a result, n-gram analysis of a user's typed inputs offers another method for intrusion detection as it may be able to both positively and negatively identify users. The contribution of this research is to assess the use of a user’s writing styles in both formal language and natural language as a user profile characteristic that could enable intrusion detection where intruders masquerade as real users.

Full Text:

PDF

References


V. N.P.Dau, et al., "profiling users in the UNIX OS Environment," 2000.

M. Maia, et al., "Identifying user behavior in online social networks," presented at the Proceedings of the 1st Workshop on Social Network Systems, Glasgow, Scotland, 2008.

J. Vosecky, et al., "User identification across multiple social networks," in Networked Digital Technologies, 2009. NDT '09. First International Conference on, 2009, pp. 360-365.

G. Pannell and H. Ashman, "User Modelling for Exclusion and Anomaly Detection: A Behavioural Intrusion Detection System," Berlin, Heidelberg, 2010, pp. 207-218.

A. A. E. Ahmed and I. Traore, "Detecting computer intrusions using behavioral biometrics," 2005.

D. L. Pepyne, et al., "User profiling for computer security," in Proceedings of the 2004 American Control Conference, 2004, pp. 982-987 vol.2.

C. C. Hung, et al., "Tag-Based user profiling for social media recommendation," 2008.

M. Reformat and S. K. Golmohammadi, "Updating user profile using ontology-based semantic similarity," in Fuzzy Systems, 2009. FUZZ-IEEE 2009. IEEE International Conference on, 2009, pp. 1062-1067.

S. McKinney and D. S. Reeves, "User identification via process profiling: extended abstract," presented at the Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, Oak Ridge, Tennessee, 2009.

C. Dwyer, et al., "Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace," 2007.

P. Bhattacharyya, et al., "Social Network Model Based on Keyword Categorization," in Social Network Analysis and Mining, 2009. ASONAM '09. International Conference on Advances in, 2009, pp. 170-175.

M. Takeda, et al., "Discovering Characteristic Expressions from Literary Works: a New Text Analysis Method beyond N-Gram Statistics and KWIC," Berlin, Heidelberg, 2000, pp. 112-126.

M. Balduzzi, et al., "Abusing Social Networks for Automated User Profiling," in Recent Advances in Intrusion Detection. vol. 6307, S. Jha, et al., Eds., ed: Springer Berlin / Heidelberg, 2010, pp. 422-441.

G. Pannell and H. Ashman, "User Modelling for Exclusion and Anomaly Detection: A Behavioural Intrusion Detection System," in User Modeling, Adaptation, and Personalization. vol. 6075, P. De Bra, et al., Eds., ed: Springer Berlin / Heidelberg, 2010, pp. 207-218.

W. Wei, et al., "Profiling program and user behaviors for anomaly intrusion detection based on non-negative matrix factorization," in Decision and Control, 2004. CDC. 43rd IEEE Conference on, 2004, pp. 99-104 Vol.1.




DOI: http://dx.doi.org/10.17977/um018v1i22018p55-63

Refbacks

  • There are currently no refbacks.


Copyright (c) 2018 Knowledge Engineering and Data Science

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Flag Counter

Creative Commons License


This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

View My Stats